package com.example.mybatis.demo.controller;

import com.example.mybatis.demo.mapper.UserInfoMapper;
import com.example.mybatis.demo.model.UserInfo;
import com.example.mybatis.demo.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

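/**
 * REST controller for the MyBatis demo, serving user queries and a login check
 * under {@code /user}.
 *
 * <p>Security review notes (this class is used to demonstrate SQL injection):
 * <ul>
 *   <li>The controller passes request parameters straight to {@link UserService}.
 *       Whether they can change the structure of the SQL statement depends on the
 *       mapper, which is not visible here. With MyBatis, {@code #{}} placeholders
 *       bind values as prepared-statement parameters, while {@code ${}} splices the
 *       raw text into the statement. NOTE(review): confirm that the mapper behind
 *       {@code selectUserByNameAndPassword} uses {@code #{}} for both values.</li>
 *   <li>No handler restricts the HTTP method, so credentials can arrive in a GET
 *       query string and end up in access logs, proxies and browser history.</li>
 * </ul>
 *
 * Created with IntelliJ IDEA.
 * User: Li_yizYa
 * Date: 2025/7/14
 * Time: 21:08
 */
@RestController
@RequestMapping("/user")
public class UserController {

    @Autowired
    private UserService userService;

    /**
     * Returns every user known to the service.
     *
     * <p>NOTE(review): the {@link UserInfo} objects are serialized as returned by the
     * service. If {@code UserInfo} carries the password column, this endpoint exposes
     * it to any caller. Confirm, and map to a response type without credential fields.
     *
     * @return the list produced by {@code userService.selectUserList()}
     */
    @RequestMapping("/selectUserList")
    public List<UserInfo> selectUserList() {
        return userService.selectUserList();
    }

    /**
     * Checks whether a user matching the supplied name and password exists.
     *
     * <p>SQL injection demonstration kept from the original author:
     * {@code http://127.0.0.1:8080/user/login?userName=admin&password=' or 1='1}.
     * If the mapper concatenates the password into the statement, that value turns the
     * WHERE clause into a tautology and the lookup succeeds without the real password.
     * The fix belongs in the mapper (parameter binding), not in this method.
     *
     * <p>NOTE(review): the raw password is handed to the lookup, which suggests that
     * passwords are stored or compared in plaintext. Confirm this. The usual design is
     * to fetch the user by name and verify a salted password hash (bcrypt, scrypt or
     * argon2) in application code.
     *
     * <p>NOTE(review): the mapping accepts any HTTP method. Restricting it to POST with
     * the credentials in the request body would keep passwords out of URLs. It is left
     * unchanged here because the demonstration URL above relies on GET.
     *
     * @param userName the account name from the request; may be {@code null} when absent
     * @param password the password from the request; may be {@code null} when absent
     * @return {@code true} if the service found a matching user, {@code false} if it found
     *         none or if either parameter is missing or empty
     */
    @RequestMapping("/login")
    public boolean login(String userName, String password) {
        // Parameter validation: reject missing or empty credentials before querying.
        // This is a sanity check, not an injection defence. An injected value is a
        // non-empty string and passes this test.
        if (userName == null || userName.isEmpty()
                || password == null || password.isEmpty()) {
            return false;
        }
        // Ask the database whether the account name and password match a stored user.
        UserInfo userInfo = userService.selectUserByNameAndPassword(userName, password);
        return userInfo != null;
    }
}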
